Substantive Change: Information Security Risk Management Standard

Last modified
May 9, 2024 - 11:19am

Effective: June 1, 2022 

On June 1, 2022 the Information Security Risk Management standard was updated to remove the requirement for a department head to sign-off on the final departmental ISRM report.

Also revised to remove the use of email to contact departments as well as a survey to complete the Information Security Risk Management assessment.  A tool, OneTrust, is used to complete the ISRM assessment. The phrase "information security" replaced where IT or Information Technology was used to refer to the information security risk assessment.

Please review the details of this standard as well as the procedure with which it is associated.